Information Technology Reference
In-Depth Information
folder redirection
A feature that enables administrators to set
policies that redirect folders in a user's profile directory, usually to
a location on a server.
hash algorithm
A mathematical function that takes a string of
data as input and produces a fixed-size hash value as output. Hash
values are used to verify that the original data hasn't been changed
and to sign CA certificates and certificates issued by the CA.
forest
A collection of one or more Active Directory trees. A forest
can consist of a single tree with a single domain, or it can contain
several trees, each with a hierarchy of parent and child domains.
forest root domain
The first domain created in a new forest.
host computer
The physical computer on which Windows
Server 2008 is installed.
host operating system
An OS running virtualization software
for the purpose of running virtual machines or guest operating
systems.
forest trust
A trust that provides a one-way or two-way transi-
tive trust between forests, which enables security principals in one
forest to access resources in any domain in another forest.
hot-add
A high-end feature that allows adding hardware (usually
memory, processors, or disk drives) to a system while it's running.
forest-wide authentication
A property of a forest trust in
which all users in a trusted forest can be authenticated to the
trusting forest.
hot-replace
A high-end feature that allows replacing faulty hard-
ware (usually memory, processors, or disk drives) in a system while
it's running.
forward lookup zone (FLZ)
A DNS zone containing records that
translate names to IP addresses, such as A, AAAA, and MX records.
It's named after the domain whose resource records it contains.
hypervisor
A layer of software between hardware and OSs that
allows multiple OSs or multiple instances of the same OS to share
physical hardware resources.
forwarder
A DNS server to which other DNS servers send
requests they can't resolve themselves.
interforest migration
Moving objects between domains in dif-
ferent forests. Migrated objects are actually copied and exist in
both domains simultaneously so that users can continue working
while the migration is in progress.
fully qualified domain name (FQDN)
A domain name that
includes all parts of the name, including the top-level domain.
global catalog partition
A directory partition that stores the
global catalog, which is a partial replica of all objects in the forest.
It contains the most commonly accessed object attributes to facili-
tate object searches and user logons across domains.
global group
A group scope used mainly to group users from
the same domain who have similar access and rights requirements.
A global group's members can be user accounts and other global
groups from the same domain.
GlobalNames zone (GNZ)
A new feature in Windows Server
2008 that provides a method for IT administrators to add single-
label names (computer names that don't use a domain suffix) to
DNS, thereby allowing client computers to resolve these names
without including a DNS suffix in the query.
intermediate CAs
A CA in a multilevel CA hierarchy that issues
certificates to issuing CAs, which respond to user and device certifi-
cate requests. Sometimes called a policy CA.
intersite replication
Active Directory replication that occurs
between two or more sites.
intraforest migration
Moving objects between domains in the
same forest. The domain from which objects are moved is the
source domain, and the domain to which they're being moved is the
target domain.
intrasite replication
Active Directory replication between
domain controllers in the same site.
issuing CAs
A CA that interacts with clients to field certificate
requests and maintain the CRL.
glue A record
An A record used to resolve the name in an NS
record to its IP address.
item-level targeting
A feature of group policy preferences that
enables administrators to target users or computers for each prefer-
ence based on a set of criteria.
GPO filtering
A method to alter the normal scope of a GPO and
exclude certain objects from being affected by its settings. GPO fil-
tering methods include security filtering, which uses GPO permis-
sions, and WMI filtering, which uses Windows Management
Instrumentation queries to select objects.
iterative query
A type of DNS query to which a DNS server
responds with the best information it has to satisfy the query. The
DNS server doesn't query additional DNS servers in an attempt to
resolve the query.
Group Policy Container (GPC)
A GPO component that's an
Active Directory object stored in the System\Policies folder. The
GPC stores GPO properties and status information but no actual
policy settings.
Kerberos
An open-standard security protocol used to secure
authentication and identification between parties in a network.
key archival
A method of backing up private keys and restoring
them if users' private keys are lost.
Group Policy Object (GPO)
A list of settings that administra-
tors use to configure user and computer operating environments
remotely through Active Directory.
Knowledge Consistency Checker (KCC)
A process that runs
on every domain controller to determine the replication topology.
Group Policy Template (GPT)
A GPO component that's stored
as a set of files in the Sysvol share. It contains all the policy settings
that make up a GPO as well as related files, such as scripts.
Lightweight Directory Access Protocol (LDAP)
A protocol
that runs over TCP/IP and is designed to facilitate access to direc-
tory services and directory objects. LDAP is based on a suite of
protocols called X.500, developed by the International
Telecommunications Union.
group scope
A property of a group that determines the reach of
a group's application in a domain or a forest—which security prin-
cipals in a forest can be group members and to which forest
resources a group can be assigned rights or permissions.
guest operating systems
OSs running in virtual machines on
host computers.
link-local address
Similar in function to the IPv4 APIPA
addresses, link-local IPv6 addresses begin with fe80, are self-
configuring, and can't be routed.
Search WWH ::
Custom Search